CVE-2022-38752

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081	Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081	Permissions Required
https://security.gentoo.org/glsa/202305-28
https://security.netapp.com/advisory/ntap-20240315-0009/

Configurations

Configuration 1 (hide)

cpe:2.3:a:snakeyaml_project:snakeyaml:*:*:*:*:*:*:*:*

History

15 Mar 2024, 11:15

Type	Values Removed	Values Added
References		() https://security.netapp.com/advisory/ntap-20240315-0009/ -

Information

Published : 2022-09-05 10:15

Updated : 2024-03-15 11:15

NVD link : CVE-2022-38752

Mitre link : CVE-2022-38752

CVE.ORG link : CVE-2022-38752

JSON object : View

Products Affected

snakeyaml_project

snakeyaml

CWE

CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow

{"id": "CVE-2022-38752", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "cve-coordination@google.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-09-05T10:15:09.847", "references": [{"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081", "tags": ["Third Party Advisory"], "source": "cve-coordination@google.com"}, {"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081", "tags": ["Permissions Required"], "source": "cve-coordination@google.com"}, {"url": "https://security.gentoo.org/glsa/202305-28", "source": "cve-coordination@google.com"}, {"url": "https://security.netapp.com/advisory/ntap-20240315-0009/", "source": "cve-coordination@google.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "cve-coordination@google.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow."}, {"lang": "es", "value": "El uso de snakeYAML para analizar archivos YAML no confiables puede ser vulnerable a ataques de Denegaci\u00f3n de Servicio (DOS). Si el analizador es ejecutado en la entrada suministrada por el usuario, un atacante puede suministrar contenido que hace que el analizador sea bloqueado por desbordamiento de pila"}], "lastModified": "2024-03-15T11:15:08.207", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:snakeyaml_project:snakeyaml:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F180BD10-FFC7-4197-9D18-59920B6D9955", "versionEndExcluding": "1.32"}], "operator": "OR"}]}], "sourceIdentifier": "cve-coordination@google.com"}